Updated glibc packages fix security vulnerability
Publication date: 27 Mar 2017Modification date: 27 Mar 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5180 , CVE-2016-5417
Description
Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service (CVE-2015-5180). Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service (CVE-2016-5417).
References
SRPMS
5/core
- glibc-2.20-24.mga5